Oops, the UPS Got Hacked!

No wonder we have a serious problem convincing ourselves that we are supposed to feel safe. If a dinosaur system such as UPS can be hacked, then what can we expect to happen to other, less sophisticated and considerably less well defended systems? This one makes you wonder.

To make things even worse, more than 50 UPS stores in 24 states had some serious IT security issues. As a result, one percent of all users are very likely to experience some kind of trouble and inconvenience in the future, one way or another. One percent, one may say.

It is not such a big deal. Well, as a matter of fact, it is a gigantic deal. When you have hundreds of millions of users, even one percent can be a reason for a serious headache. The guys at UPS headquarters have plenty of time to discuss what went wrong and, eventually, why.

Would that be enough? Well, when gigantic systems fail, we agree to evaluate our current IT security systems with the highest attention possible. Maybe some good things will come out of this one, eventually. We sure hope we will not have to wait too long for that. Oops, my dear UPS.

FinSpy Don’t Cry For iOS

The busy little bees from the Gamma Group have come up with an intriguing report. They have used something called FinSpy to test the malware resistance of Android, iOS, BlackBerry, and some older versions of Windows Phone. The results? Well, they are both interesting and controversial.

It seems that FinSpy was able to do its dirty work on all of these except iOS. To be honest, even the iPhone could not resist the true force of its malware dark side. However, this malware was able to penetrate iPhones only when they were in a so-called jailbreak mode. Intriguing enough, isn’t it?

On the other hand, we do not want you to get the wrong impression that with an iPhone there is nothing to worry about. FinSpy is a legitimate cyber weapon used by government agencies. Every iPhone has an open secret backdoor, which is more than enough to keep you restless about your privacy.

Our word of advice is, do not trust the results published by numerous surveys. Do not even trust your own smartphone. As a matter of fact, you should follow the golden NSA rule. If you have nothing to hide, then you have nothing to worry about. It’s really that simple. For your own good, do not be stubborn about this one. Will you?

Ex Workers + Current Access = Future Troubles

At the very core of every major cyber trouble, there is, and always will be, a human-related factor or error. Would you be so kind as to write down this simple rule a couple of hundred times, for your own cyber well-being? Here is something to include in the field of corporate IT security.

You will be surprised to find the extent to which ex-employees still have limitless access to almost all of a company’s IT infrastructure. In the absolute majority of cases, the people in charge of HR or IT administration are simply too lazy to do everything that is necessary. Do not jump to the wrong conclusions.

We are not saying that as soon as you leave your company, you will become a vigilante hacker. Yet, who is stopping you from taking advantage of the situation? It is almost impossible to resist when you have a chance for some payback against a company that fired you at the worst possible moment.

Just as you are required to clean your working desk, someone also has to clean up your cyberspace after you. After all, the last thing you need is to be blamed for some hacker’s attack on your ex-company that used your old data. Let bygones be bygones, and focus on a new job and new passwords. Right?

About The Hackers’ Motivation

Yes, let us ask some questions about the hackers’ motivation. What is in their hearts and minds that makes them do the things they do on a daily basis? We definitely need to know more about our worst cyber enemies in order to defeat them successfully. So, what do we actually know about their motives?

It may come as a surprise, but it seems that excitement is the main motivation engine for hackers in more than 50% of all known cases. It is a sad thing to witness so many promising IT careers being destroyed for a little fun and a false sense of greatness. What about position number two?

Well, the hacker’s moral compass takes up to 30% of the entire motivational pie. In some cases, they really believe that what they are doing is justified and for the common good. And finally, the financial factor takes what is left in this story. Less than 20%.

So, what is the moral of this story? If we can provide an alternative for the excitement and ensure the sense of rightfulness for hackers, we can solve more than 80% of all cyber attacks before they even appear. Do not blink, and start to think about how we can achieve this goal. Hack the hackers’ hearts and minds.

Top Hackers’ Destinations This Summer

Things have changed this summer. So far, Java has been the favorite destination for hackers during the warmest period of the year. However, according to the findings of Bromium Labs, it seems that hackers have found the next big summer hit – the good old Internet Explorer.

What is so special about Internet Explorer? Well, you should probably know by now that providing technical support for outdated versions is definitely the Achilles’ heel for Microsoft. Windows XP can no longer count on support, and that includes Internet Explorer 8. No support + no updates = no protection.

The trouble with Microsoft users is that they are unadorably loyal and surprisingly stubborn. Every now and then, Microsoft urges them to move to the latest versions available. Nevertheless, they keep using older versions of both Windows and IE while demanding the continuous support regardless of the circumstances.

And here it goes. While the two sides are arguing, in our case Microsoft and its users, a third party takes advantage of the situation. The hackers just could not wish for more: stubborn and reckless users who are swimming in unprotected waters. Hunting season is on. Update or suffer, there is no third option.

Simpler, Better, Hacker…

The idea that the most successful hackers are top rocket scientists who at one moment turned to the dark side is childish, to say the least. In most cases they are educated fools with money on their minds. More importantly, they need a helping hand. Who could that be?

Unfortunately, when it comes to cyber trouble, you would not believe how many times we are accomplices in our own misfortune. The hackers themselves, on the other hand, are practical people who look for the imperfections of the system and the negligence of the users. That is the catch.

Instead of whining about endangered privacy and compromised cyber security, we can question our own behavior and habits for a change. The least we can do is make hackers work harder for their dirty profit. Do not leave them an open door and do not act as if it is not going to happen to you.

We all know these simple truths, and we keep forgetting them all the time. How strong and devastating does a cyber blow to your face have to be for you to start learning and applying some basic IT self-defense techniques? Be a quick doer and a careful listener in this one, will you?

Smart Cars. Ingenious Hackers.

Cars are getting smarter with each new day. We are literally surrounded by smart things. Everywhere you look there is smart this and smart that. Unfortunately, the hackers themselves are smart enough, or very often much smarter. The series of unfortunate events with Tesla cars has brought the trouble of car hacking to our attention.

Nowadays, it is possible to hack a car just like any other smart device, such as a smartphone or computer. Hackers have an opportunity to gain access to, or even control over, your car through its wireless components, such as radio, Bluetooth, navigation, and similar. What can we do about it? How safe are we in fact?

These kinds of things make you wonder: do we need an antivirus for our own cars? It is an inevitable paradox. The more sophisticated our cars become, the easier it gets to hack them successfully. Hacking on wheels – maybe this would have been a more appropriate title for our post?

For what it is worth, we have some new details to take care of the next time we choose our favorite car. We are talking not only about driver and traffic safety, but also about IT security. It seems that your car’s equipment just got itself an additional category. More work for IT security experts, as well.

Privacy Data Punisher

Let us not act surprised, shall we? It simply had to happen sooner or later. For what it is worth, this bad news for our privacy protection is very likely to have a positive epilogue. How? What happened? Well, after this one there will not be any more excuses. We will never again be treated as the collateral damage of security breaches.

The United Kingdom’s Information Commissioner’s Office (ICO) has ordered Think W3 Limited, a distinguished UK online travel service, to pay almost $250,000 in fines. Why? It seems fair for stolen data related to almost one million credit cards. Could this one have been prevented?

Honestly, it is hard to say, but there is one thing that puts the blame on this agency. Since they acquired their data system in 2006, they have not bothered, not even once as a matter of fact, to run an appropriate security test. Plenty of time for hackers to prepare accordingly, indeed.

Now, these guys from the travel service have more than 250,000 reasons to thoroughly examine all of their security vulnerabilities. Just imagine for a moment how significant a saving they could have achieved if they had conducted the simplest security test a couple of years ago.

The Malware Human Rights

Things are getting serious with hacking, aren’t they? Apparently, so serious that even the European Court of Human Rights (ECHR) has to intervene. What happened? It seems that the Latvian creator of the Gozi Trojan, which is specially designed to attack banks, thought he would face some unfair treatment by the US Justice Department.

Unluckily for him, the ECHR in its opinion sent a message that Gozi’s father has to answer for his wrongdoings, and that legal treatment across the ocean will be just fine in this case. This was his last chance to prevent extradition to the USA, and it has failed.

This obviously talented 29-year-old hacker has every right to fight his legal battles. Why? Well, he is facing a penalty of 67 years of imprisonment in the USA. You can do the math, can’t you? In other words, this is a lifetime sentence. And the message is strong. Who will dare to attack US banks after this one?

Maybe, this Latvian hacker can make some kind of a deal with the US government. He can become the US version of Nikita. Why not? In exchange for his freedom he can provide training or even his own personal hacking services to the government. Who knows? He knows too much to work in the prison’s library. Right?

Tesla For Hacker Dummies

All of our hats off to Nikola Tesla, one of the most brilliant minds in all of human history. Thanks to his inventions we are able to write our posts in the first place, and you are able to enjoy them on your devices, as well. No wonder the inventors of one of the most successful oil-free cars honored their model with his name.

Now, after this relaxing and educational introduction, you are ready for the right stuff. Did you know that you can hack a car? This is exactly what happened with the Tesla Model S. To make things even more interesting, the hacking took place during the SyScan +360 security conference. The Chinese guys were after a prize of $10,000; that is their sin.

How did they do it? Well, all they had to do was hack the six-digit code for the Tesla Model S mobile app. It is a secret how they managed to take control of almost all of the car’s vital functions in the first place. Unfortunately, this is weak comfort for all current and potential Tesla car users. So, what is left for us to do?

For what it is worth, be careful with the Bluetooth, radio, wireless, and navigation maps in your car, because through them you can get some unwanted virtual guests next to your seat. Maybe it was not a smart thing to put a computer in your car in the first place. You do not need a smart car. You need a smart driver and a reliable machine. No more, no less.